Compare commits
3 Commits
ce6a5c7477
...
0.0.7
| Author | SHA1 | Date | |
|---|---|---|---|
|
b4a65a1af4 | ||
|
|
65aeeda263 | ||
|
|
f61e014d2a |
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1,5 +1,6 @@
|
||||
.direnv
|
||||
server.log
|
||||
shell.nix
|
||||
mem.go
|
||||
nxcaldav
|
||||
in/
|
||||
|
||||
59
config.yaml
59
config.yaml
@@ -3,74 +3,45 @@ database:
|
||||
server:
|
||||
bind_address: 0.0.0.0:14243
|
||||
default_class: CONFIDENTIAL
|
||||
public_url: http://nxc.nx2.site/
|
||||
email_domain: nx2.site
|
||||
public_url: http://example.com/
|
||||
email_domain: example.com
|
||||
redaction_text: '[-]'
|
||||
|
||||
smtp:
|
||||
host: localhost
|
||||
port: 587
|
||||
user: nxcaldav@nx2.site
|
||||
password: Vastly-Wrinkle9-Corsage
|
||||
password_cmd: echo "Vastly-Wrinkle9-Corsage"
|
||||
|
||||
users:
|
||||
- name: daniel
|
||||
password: ll
|
||||
- name: alice
|
||||
password: 123
|
||||
groups:
|
||||
- family
|
||||
- name: lennart
|
||||
password: ll
|
||||
- name: bob
|
||||
password: abc
|
||||
groups:
|
||||
- family
|
||||
- name: shared
|
||||
password: Oxidant-Ageless3-Dispersed
|
||||
|
||||
calendars:
|
||||
- id: preservation
|
||||
owner: lennart
|
||||
- id: test
|
||||
owner: alice
|
||||
color: '#F6F5F4'
|
||||
- id: effort
|
||||
owner: lennart
|
||||
color: '#FF0000'
|
||||
- id: experience
|
||||
owner: lennart
|
||||
color: '#2C33FF'
|
||||
- id: leisure
|
||||
owner: lennart
|
||||
color: '#10B400'
|
||||
- id: daniel
|
||||
owner: daniel
|
||||
color: '#ff2222'
|
||||
- access:
|
||||
- group: family
|
||||
mode: read-write
|
||||
id: family
|
||||
- id: family
|
||||
owner: shared
|
||||
color: '#999999'
|
||||
access:
|
||||
- group: family
|
||||
mode: read-write
|
||||
|
||||
address_books:
|
||||
- id: contacts
|
||||
owner: lennart
|
||||
- id: contacts
|
||||
owner: daniel
|
||||
owner: alice
|
||||
- id: family
|
||||
owner: shared
|
||||
owner: bob
|
||||
access:
|
||||
- group: family
|
||||
mode: read-write
|
||||
|
||||
aggregates:
|
||||
- access:
|
||||
- group: family
|
||||
mode: read-only
|
||||
- ics: future-only
|
||||
id: lennart-aggregat
|
||||
owner: lennart
|
||||
color: '#dd9999'
|
||||
sources:
|
||||
- preservation
|
||||
- effort
|
||||
- experience
|
||||
- leisure
|
||||
- family
|
||||
|
||||
|
||||
@@ -8,7 +8,6 @@ import (
|
||||
"log"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os/exec"
|
||||
"path"
|
||||
"slices"
|
||||
"strings"
|
||||
@@ -140,16 +139,9 @@ func (b *DBBackend) initSchema(ctx context.Context) error {
|
||||
}
|
||||
|
||||
func (b *DBBackend) resolvePassword(u config.User) (string, error) {
|
||||
var raw string
|
||||
if u.PasswordCmd != "" {
|
||||
cmd := exec.Command("sh", "-c", u.PasswordCmd)
|
||||
out, err := cmd.Output()
|
||||
raw, err := config.ResolvePassword(u.Password, u.PasswordCmd)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to run password command for %s: %v", u.Name, err)
|
||||
}
|
||||
raw = strings.TrimSpace(string(out))
|
||||
} else {
|
||||
raw = u.Password
|
||||
return "", fmt.Errorf("failed to resolve password for %s: %v", u.Name, err)
|
||||
}
|
||||
|
||||
// If it already looks like a bcrypt hash, return as is.
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"strings"
|
||||
|
||||
"github.com/emersion/go-ical"
|
||||
"nxcaldav/internal/config"
|
||||
)
|
||||
|
||||
// sendInvitation sends an iMIP (RFC 6047) invitation email.
|
||||
@@ -99,8 +100,14 @@ func (b *DBBackend) sendInvitation(senderName, recipientEmail, summary, descript
|
||||
if err = c.StartTLS(tlsConfig); err != nil { return err }
|
||||
}
|
||||
}
|
||||
if b.smtp.User != "" && b.smtp.Password != "" {
|
||||
auth := smtp.PlainAuth("", b.smtp.User, b.smtp.Password, b.smtp.Host)
|
||||
|
||||
smtpPassword, err := config.ResolvePassword(b.smtp.Password, b.smtp.PasswordCmd)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to resolve SMTP password: %v", err)
|
||||
}
|
||||
|
||||
if b.smtp.User != "" && smtpPassword != "" {
|
||||
auth := smtp.PlainAuth("", b.smtp.User, smtpPassword, b.smtp.Host)
|
||||
if err = c.Auth(auth); err != nil { return err }
|
||||
}
|
||||
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/exec"
|
||||
"slices"
|
||||
"strings"
|
||||
|
||||
@@ -68,6 +70,7 @@ type SMTPConfig struct {
|
||||
Port int `yaml:"port"`
|
||||
User string `yaml:"user"`
|
||||
Password string `yaml:"password"`
|
||||
PasswordCmd string `yaml:"password_cmd"`
|
||||
}
|
||||
|
||||
type Config struct {
|
||||
@@ -79,6 +82,18 @@ type Config struct {
|
||||
AddressBooks []AddressBook `yaml:"address_books"`
|
||||
Aggregates []Aggregate `yaml:"aggregates"`
|
||||
}
|
||||
|
||||
func ResolvePassword(password, passwordCmd string) (string, error) {
|
||||
if passwordCmd != "" {
|
||||
cmd := exec.Command("sh", "-c", passwordCmd)
|
||||
out, err := cmd.Output()
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to run password command: %v", err)
|
||||
}
|
||||
return strings.TrimSpace(string(out)), nil
|
||||
}
|
||||
return password, nil
|
||||
}
|
||||
func (c *Config) setDefaults() {
|
||||
if c.Server.BindAddress == "" { c.Server.BindAddress = ":8080" }
|
||||
if c.Server.Redaction == "" { c.Server.Redaction = "Busy" }
|
||||
|
||||
Reference in New Issue
Block a user